<?php
/**
 * Copyright (c) 2006, PORTALIER Julien
 *
 * Licensed under The LGPL License
 * Redistributions of files must retain the above copyright notice.
 *
 * @package      Feather's website
 * @copyright    Copyright (c) 2006, Julien PORTALIER
 * @link         http://feather.portalier.com
 * @license      http://www.opensource.org/licenses/lgpl-license.php The LGPL License
 */

class MembersController extends Controller
{
	public $module     = 'member';
	public $_templates = 'members';
	
	function login()
	{
		$form =& $this->params['form'];
		
		if (isPost() and !empty($form['uid']) and !empty($form['pwd']))
		{
			$res = $this->Member->login($form['uid'], $form['pwd']);
			if (is_array($res))
			{
				$this->Auth->login($res);
				$this->Auth->remember($form['uid'], $form['pwd'], isset($form['remember']));
				
				$this->flash(s_('Welcome in %s!', $form['uid']), isset($form['referer']) ? $form['referer'] : '/');
			}
			
			$this->Session->setFlash($res);
		}
		
		$this->pageTitle = _('Login');
	}
	
	function logout()
	{
		$this->Auth->logout();
		$this->flash(_("You've been disconnected."), '/');
	}
	
	function my()
	{
		if ($this->Auth->identified)
			$this->data = $this->Member->read('*', $this->Auth->id);
		else
			$this->Auth->permissionDenied();
		
		$this->pageTitle = _('My page');
	}
	
	function show($id)
	{
		$this->data = $this->Member->read('*', $id);
		$this->pageTitle = s_('Member: %s', $id);
	}
	
	function invite()
	{
		// checks rights
		if (!$this->Auth->inGroup(Config::admins))
		{
			if ($this->Auth->identified)
			{
				if ($this->field('counter_invitations') < 1)
					$this->Auth->permissionDenied();
			}
			else {
				$this->Auth->permissionDenied();
			}
		}
		
		// invites
		if (!empty($this->params['form']['email']))
		{
			$this->load->components('Swift');
			$this->Swift->send(array($this->data['Member']['id'], $this->data['Member']['email']),
				Config::website_email, s_('Invitation from %s', $this->Auth->id));
			
			$this->message(_("Invitation sent."),
				_("The invitation has been sent and should be shortly received."));
		}
	}
	
	// accounts management
	
	function register()
	{
		if (!empty($this->data))
		{
			$this->Member->db->transactions('start');
			
			if ($this->Member->save(null, true, 'insert'))
			{
				// ACL
				if (isset($this->Acl))
					$this->Acl->registerAro("User.{$this->data['Member']['id']}");
				
				// sets default groups
				$groups = explode(',', str_replace(' ', '', Config::default_groups));
				$this->Member->Group->register($this->data['Member']['id'], &$groups);
				$this->data['Member']['groups'] =& $groups;
				
				$this->Member->db->transactions('commit');
				
				// logs member in
				$this->Auth->login($this->data['Member']);
				
				$this->load->components('Swift');
				$this->Swift->send(array($this->data['Member']['id'], $this->data['Member']['email']),
					Config::website_email, _('Your account has been created'));
				
				$this->flash(_('Your account has been created!'), '/members/my');
			}
			
			$this->Member->db->transactions('rollback');
		}
	}
	
	function reminder()
	{
		if (isset($this->params['url']['q']))
		{
			$q = $this->params['url']['q'];
			
			// looks for an account
			$this->Member->recursive = -1;
			$this->Member->conditions(array('email' => $q, 'id' => $q));
			$this->Member->operator('OR');
			$user = $this->Member->find('id, email');
			
			if (!empty($user))
			{
				// generates new password
				$user['Member']['pwd'] = substr(md5(mt_rand()), 0, 8);
				$cpwd = $this->Member->cryptPwd($user['Member']['pwd']);
				$data['salt'] = $cpwd[0];
				$data['pwd']  = $cpwd[1];
				
				// saves password
				$this->Member->id = $user['Member']['id'];
				if ($this->Member->saveFields(&$data))
				{
					$this->set('user', &$user['Member']);
					
					// sends new password
					$this->load->components('Swift');
					$this->Swift->send(array(array($user['Member']['id'], $user['Member']['email'])),
						Config::website_email, _('Your new password'));
					
					$this->message(_("New password sent!"),
						_("Your new password has been sent to your email address. It should arrive soon."));
				}
				else {
					$this->Session->setFlash(_("Oops, an error occured."));
				}
			}
			else {
				$this->Session->setFlash(_("Error: there is no such account."));
			}
		}
		
		$this->pageTitle = _('Password reminder');
	}
	
	function edit($id)
	{
		if (empty($this->data))
			$this->data = $this->Member->read('id, email');
		else
		{
			$this->Security->restrictFieldsTo(array('Member' => array('id, email')));
			
			if ($this->Member->save())
				$this->flash(_("The modifications to your account have been saved."), '/members/my');
		}
	}
	
	function profile($id)
	{
		if (empty($this->data))
			$this->data = $this->Member->read();
		else
		{
			$this->Security->removeFields(array('Member' => array('id, email')));
			
			if ($this->Member->save())
				$this->flash(_("Your profile has been saved."), '/members/my');
		}
	}
}
?>